The KRACK (key reinstallation attacks) research claims this weakness could not only be used to intercept data travelling between your phone and the wi-fi access point, such as passwords and credit card numbers, but also to inject malicious software into websites.
Android and Linux devices were said to be open to an “especially catastrophic” variation of the attack, including Android 6.0-and-above devices, such as the latest round of smartphones from brands like Samsung, LG, Sony and Google.
The Verge reports Google is “aware of the issue, and will be patching any affected devices in the coming weeks".
The upshot of this research is a reminder that you really should keep the software up-to-date on all your wi-fi connected devices. And look out for some updates being pushed out over the coming days.